---
- name: install needed packages for blockerbugs
  package: state=present name={{ item }}
  with_items:
  - libselinux-python3
  - python3-mod_wsgi
  - blockerbugs
  # this is for chronic which helps get rid of excess cron emails
  - moreutils
  tags:
  - packages
  - blockerbugs

- name: setup blockerbugs apache conf
  copy: src=blockerbugs.conf dest=/etc/httpd/conf.d/blockerbugs.conf mode=644
  notify:
  - reload httpd
  tags:
  - config
  - httpd
  - blockerbugs

- name: Ensure group `blockerbugs` exists
  group:
    name: blockerbugs
    state: present
  tags:
  - blockerbugs
  - config

- name: create the `blockerbugs` user
  user:
      name: blockerbugs
      group: blockerbugs
      shell: /bin/nologin
      home: /usr/share/blockerbugs
  tags:
  - blockerbugs
  - config

- name: setup blockerbugs app settings file
  template: src=blockerbugs-settings.py.j2 dest=/etc/blockerbugs/settings.py mode=640
  notify:
  - reload httpd
  tags:
  - config
  - httpd
  - blockerbugs

- name: grant blockerbugs and apache read access to the settings file
  acl: name=/etc/blockerbugs/settings.py entity={{ item }} etype=user permissions="r" state=present
  with_items:
  - blockerbugs
  - apache
  notify:
  - reload httpd
  tags:
  - config
  - httpd
  - blockerbugs

- name: allow httpd to connect to network, enabling openid
  seboolean: name=httpd_can_network_connect state=true persistent=true
  tags:
  - config
  - blockerbugs

- name: set sebooleans so blockerbugs can talk to the db
  seboolean: name=httpd_can_network_connect_db state=true persistent=true
  tags:
  - config
  - blockerbugs

- name: setup blockerbugs cron (master node only)
  copy: src=blockerbugs.cron dest=/etc/cron.d/blockerbugs
  when: master_blockerbugs_node
  tags:
  - config
  - blockerbugs

# this is a "short-term" patch that won't be needed for future versions of blockerbugs
- name: patch bz_interface to work with rhbz changes
  copy: src=20210914-patched-bz_interface.py dest=/usr/lib/python3.9/site-packages/blockerbugs/util/bz_interface.py
  when: master_blockerbugs_node
  tags:
  - blockerbugs
